Threat Actor Claims to Have Hacked Major Israeli Institutions

Threat Actor: Unknown | Unknown
Victim: Israeli Institutions | Israeli Institutions
Price: Negotiable
Exfiltrated Data Type: Sensitive government and military data

Key Points :

  • Threat actor claims to have hacked multiple high-profile Israeli organizations, including government institutions and defense contractors.
  • Access points and sensitive data reportedly for sale include more than 370GB of data from the Israel MFA.
  • Alleged dump of 27,000 emails from the Mossad email server, covering the period from 2017 to 2023.
  • Data linked to major defense contractors Rafael Advanced Defense Systems and Elbit Systems is included.
  • Claims of exfiltrated data from Israeli military and intelligence units, including Unit 8200 and Unit 9900.
  • Access to 70 instances of SCADA systems and over 60 compromised Bakarim7 modems listed for sale.

In a post on a dark web forum, a threat actor has made allegations of breaching multiple high-profile Israeli organizations, including government institutions and defense contractors. The post lists an extensive set of access points and sensitive data, allegedly up for sale.

According to the post, the threat actor claims to have compromised various Israeli institutions, including the Ministry of Foreign Affairs (MFA), defense contractors like Rafael Advanced Defense Systems, and even intelligence units such as Unit 8200 and Unit 9900. The data offered for sale is said to include:

  • Israel MFA Access: Remote Desktop Protocol (RDP) access and SharePoint accounts, reportedly containing more than 370GB of data.
  • Mossad Email Server Dump: Alleged 27,000 emails and files dating from 2017 to 2023.
  • Rafael Advanced Defense Systems and Elbit Systems Data: Information linked to two of Israel’s most significant defense contractors.
  • Israeli Intelligence and Military Units: Alleged data from various military and intelligence bodies, including Unit 8200, Unit 9900, the Israeli Navy, and the Israeli police, along with personal CVs.
  • SCADA Access: The post also lists 70 instances of Supervisory Control and Data Acquisition (SCADA) system access, critical for industrial control systems.
  • Modem Access: More than 60 compromised Bakarim7 modems.

The post includes a link to a Telegram contact, where potential buyers can supposedly inquire about the purchase of this data.

The post Threat Actor Claims to Have Breached High-Profile Israeli Institutions appeared first on Daily Dark Web.